Judit Szanto scite author profile

Power station control and management systems represent key elements for guaranteeing the security of the power grid infrastructure. Intrinsically conceived to support the continuous provision of power in secure conditions, those systems today make intensive use of information and communication systems and are therefore exposed to related accidental and intentional cyber threats. This paper describes a simulation of cyber attacks conducted in the CESI RICERCA laboratory testbed on a prototypical substation control infrastructure with the purpose of testing their feasibility and illustrating their impact on the control system services. A set of attack scenarios targeting several subsystems has been experimented, with different simulated threat motivations and different degrees of impact on the global substation service. The paper reports some considerations about the consequences of the implemented attacks, focusing on different facets of the problem, in an effort to elucidate the full significance of the potential cyber threats.

show abstract

Cyber risk assessment of power control systems — A metrics weighed by attack experiments

2011

Supporting cyber risk assessment of Power Control Systems with experimental data

2009

ICT resilience of power control systems: experimental results from the CRUTIAL testbeds

et al. 2009

Distributed intelligence and secure interconnected communication networks constitute recognized key factors for the economic operation of electricity infrastructures in competitive power markets. Hence, electric power utilities need to extend risk management frameworks with adequate tools for assessing consequences of ICT (Information and Communication Technologies) threats on their critical business. This requires realistic probability estimates to cyber threat occurrences and consequent failure modes. Due to data sensitivity and rapid discovery of new vulnerability exploits, historical data series of ICT failures affecting power control infrastructures are not sufficient for a timely risk treatment. Such lack of data can partially be overcome by setting up testbeds to run controlled experiments and collect otherwise unavailable data related to cyber misbehaviours in power system operation. Within the project CRUTIAL (CRitical UTility InfrastructurAL resilience) two testbed platforms have been set up for experimentally evaluating malicious threats on macro and micro grid control scenarios. Results from experimental campaigns are analyzed in the paper by means of an evaluation framework.

show abstract

Performance evaluation of standard power grid communications experiencing cyber anomalies

2011